| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <e99cf4ef-40ec-4e66-956f-c9e2aebb4621@linux.ibm.com>
Date: Tue, 13 Feb 2024 16:38:31 +0530
From: Nilay Shroff <nilay@...ux.ibm.com>
To: John Garry <john.g.garry@...cle.com>
Cc: axboe@...nel.dk, brauner@...nel.org, bvanassche@....org,
dchinner@...hat.com, djwong@...nel.org, hch@....de, jack@...e.cz,
jbongio@...gle.com, jejb@...ux.ibm.com, kbusch@...nel.org,
linux-block@...r.kernel.org, linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-nvme@...ts.infradead.org,
linux-scsi@...r.kernel.org, linux-xfs@...r.kernel.org,
martin.petersen@...cle.com, ming.lei@...hat.com, ojaswin@...ux.ibm.com,
sagi@...mberg.me, tytso@....edu, viro@...iv.linux.org.uk
Subject: Re: [PATCH v3 10/15] block: Add fops atomic write support
On 2/13/24 15:28, John Garry wrote:
> On 13/02/2024 09:36, Nilay Shroff wrote:
>>> +static bool blkdev_atomic_write_valid(struct block_device *bdev, loff_t pos,
>>
>>> + struct iov_iter *iter)
>>
>>> +{
>>
>>> + struct request_queue *q = bdev_get_queue(bdev);
>>
>>> + unsigned int min_bytes = queue_atomic_write_unit_min_bytes(q);
>>
>>> + unsigned int max_bytes = queue_atomic_write_unit_max_bytes(q);
>>
>>> +
>>
>>> + if (!iter_is_ubuf(iter))
>>
>>> + return false;
>>
>>> + if (iov_iter_count(iter) & (min_bytes - 1))
>>
>>> + return false;
>>
>>> + if (!is_power_of_2(iov_iter_count(iter)))
>>
>>> + return false;
>>
>>> + if (pos & (iov_iter_count(iter) - 1))
>>
>>> + return false;
>>
>>> + if (iov_iter_count(iter) > max_bytes)
>>
>>> + return false;
>>
>>> + return true;
>>
>>> +}
>>
>>
>>
>> Here do we need to also validate whether the IO doesn't straddle
>>
>> the atmic bondary limit (if it's non-zero)? We do check that IO
>>
>> doesn't straddle the atomic boundary limit but that happens very
>>
>> late in the IO code path either during blk-merge or in NVMe driver
>>
>> code.
>
> It's relied that atomic_write_unit_max is <= atomic_write_boundary and both are a power-of-2. Please see the NVMe patch, which this is checked. Indeed, it would not make sense if atomic_write_unit_max > atomic_write_boundary (when non-zero).
>
> So if the write is naturally aligned and its size is <= atomic_write_unit_max, then it cannot be straddling a boundary.
Ok fine but in case the device doesn't support namespace atomic boundary size (i.e. NABSPF is zero) then still do we need
to restrict IO which crosses the atomic boundary?
I am quoting this from NVMe spec (Command Set Specification, revision 1.0a, Section 2.1.4.3) :
"To ensure backwards compatibility, the values reported for AWUN, AWUPF, and ACWU shall be set such that
they are supported even if a write crosses an atomic boundary. If a controller does not
guarantee atomicity across atomic boundaries, the controller shall set AWUN, AWUPF, and ACWU to 0h (1 LBA)."
Thanks,
--Nilay
Powered by blists - more mailing lists